Well, I guess the title is a little misleading. The ldap connection is working like a champ. I configured sssd to bind using my own credentials, and that’s working. The searches are successful and return the correct result.
Things I don’t understand:
· Sssd performs two ldap searches for my username, not one.
· Using wireshark, I don’t even see it trying to bind to AD using the account it finds (twice).
· sssd fails to authenticate me, but the logs seem to indicate to me that everything it tried succeeded.
This is on a VM with a minimal install of Fedora 19. The setup roughly follows https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server with local modifications to enable id mapping. I’m attaching edited versions of sssd.conf, sssd_pam.log, sssd_nss.log, and the output of wireshark (stupidly named sssd.log). pam and nss are both at debug level 9.
Does anyone have any suggestions as to what I should try?
Bryce